arp请求和回应

环境

pip3 install scapy

pip3 install ipython

from scapy.all import *
ls(Ether())

或者独立使用

scapy

>>>

抓包

抓取arp报文

tcpdump -ent   arp

抓取2个arp包，保存到cap中，可以用wireshark打开

tcpdump -ent  -c 2 arp -w test.cap

过滤网卡

tcpdump -i enp4s0 arp

arp请求

from scapy.all import *

eth =Ether(dst="ff:ff:ff:ff:ff:ff")
arp = ARP(pdst="192.168.10.99")
packet = eth / arp


desired_length = 60
current_length = len(bytes(packet))

padding_length = desired_length - current_length

# 如果需要填充，添加 Raw 层作为填充
if padding_length > 0:
    padding = Raw(b'\xcd' * padding_length) # 填充cd
    packet = packet / padding

packet.show()
sendp(packet)

arp应答

from scapy.all import ARP, Ether, sniff, sendp, Raw

def arp_response(packet):
    if packet.haslayer(ARP) and packet[ARP].op == 1:  # ARP 请求 (op=1)

        packet = Ether(dst=packet[Ether].src) / ARP(op=2, psrc=packet[ARP].pdst, pdst=packet[ARP].psrc, hwdst=packet[Ether].src)

        desired_length = 60
        current_length = len(bytes(packet))

        padding_length = desired_length - current_length

        if padding_length > 0:
            padding = Raw(b'\xab' * padding_length)
            packet = packet / padding

        packet.show()
        sendp(packet)


sniff(filter="arp", prn=arp_response, store=0)

抓到的包

arp packet